← Volver a CVEs
CVE-2024-28249
MEDIUM6.1
Descripcion
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.13.13, 1.14.8, and 1.15.2, in Cilium clusters with IPsec enabled and traffic matching Layer 7 policies, IPsec-eligible traffic between a node's Envoy proxy and pods on other nodes is sent unencrypted and IPsec-eligible traffic between a node's DNS proxy and pods on other nodes is sent unencrypted. This issue has been resolved in Cilium 1.15.2, 1.14.8, and 1.13.13. There is no known workaround for this issue.
Detalles CVE
Puntuacion CVSS v3.16.1
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Vector de ataqueADJACENT_NETWORK
ComplejidadHIGH
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/18/2024
Ultima modificacion1/9/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
cilium:cilium
Debilidades (CWE)
CWE-311CWE-319
Referencias
https://github.com/cilium/cilium/releases/tag/v1.13.13(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.14.8(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.15.2(security-advisories@github.com)
https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36(security-advisories@github.com)
https://github.com/cilium/cilium/releases/tag/v1.13.13(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/releases/tag/v1.14.8(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/releases/tag/v1.15.2(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cilium/cilium/security/advisories/GHSA-j89h-qrvr-xc36(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.